Kim32
Level 1: Cadet

How to change POP server password

Answered

If I go to my webmail account settings in the browser I am able to change my bigpond.com email password without problem. If I then try to access this mail account using a mail client with pop3 I find that this new password has not found its way to the pop server and I can still log in to the pop server and retrieve my mail using the old password.

I am wondering if it simply takes some time for the change to filter over to the pop server (mail.bigpond.com) or whether it will never happen and I need to change the pwd at the pop server another way?

This seems like a bit of a security risk too, if someone makes a change to their email pwd via the webmail due to security concerns but the pop access remains unchanged.

I know a problem was mentioned on another thread ( https://crowdsupport.telstra.com.au/t5/Telstra-and-or-BigPond-Email/No-POP-email-access-after-passwo... ) but that did not seem to get resolved.

It just looks to me that the pop access is regarded as old and the webmail configuration is probably no longer fully integrated with it and the password changes may not automatically flow across.

Any clues?

 

1 ACCEPTED SOLUTION

Accepted Solutions
cf4
Level 25: The Singularity
Level 25: The Singularity
Accepted Solution

Re: How to change POP server password

Did you change the password using Email Configuration in Telstra My Account.   Changing password here should take effect within a few minutes.

The settings are located on the left under "Plans and Usage"

View solution in original post

Was this helpful?

  • Yes it was, thank you
  • No, I still need help
3 REPLIES 3
cf4
Level 25: The Singularity
Level 25: The Singularity
Accepted Solution

Re: How to change POP server password

Did you change the password using Email Configuration in Telstra My Account.   Changing password here should take effect within a few minutes.

The settings are located on the left under "Plans and Usage"

View solution in original post

Kim32
Level 1: Cadet

Re: How to change POP server password

Thanks for the post cf4. This was an old bigpond email account and when you go to the profile settings you now get redirected to the 'new look' telstra myaccount page. The login name and password can be editted here without problem. Changing this password does change access to the webmail with no problem (the old password no longer gets you into the webmail as expected). However with this new password set, it is still possible to access the email account via pop3 protocol on the server (mail.bigpond.com) and there is no doubt about that (the pop3 client knows nothing about the new password and is clearly still configured with the old one. This is a security issue more than anything else.

 

Now the latest observation is that around 18 hours after the password change was made and after reporting the issue on telstra's security report page, the new password has been migrated to the pop3 server and now the pop3 mail clients need the new password to function (as it should be).

 

Now you say that the password changes should happen at the pop3 server within 'a few minutes' and I would agree with you on that expectation but it was clearly not the case.

 

I am still left wondering why the 18 hour delay? Did my message to telstra security have any relevance? Is the process automated or does it rely on human intervention to migrate the changes? Is it more to do with the old bigpond mail server not being so closely integrated with the myaccount front end and webmail configuration? I can certainly try the process out again on another account and see how it goes but any insight?

Kim32
Level 1: Cadet

Re: How to change POP server password

I am not sure of why the post above from cf4 was marked as 'solved', as it was not, but I did receive a prompt response from telstrasec (the security folk) acknowledging the problem and advice that an investigation was being made to see what was happening to prevent the migration of the pwd change down to the old POP3 server. Here is a copy of email I received:

 

Hi Kim,

Thanks for writing about this issue.

The problem that you have identified is indeed unexpected; I've reached out to our platform engineering team to get a bit of context to the matter and believe we have an understanding of what you have experienced.

When a password is updated via MyAccount (the preferred location) or one of the other interfaces we provide for making this change, it needs to be replicated across several technology platforms and systems so that it is recognised as updated and the old value replaced.

This process works properly in the vast majority of cases, but, it seems that in a small subset of instances, the replication process may not be fully successful.

This would result in the sort of experience that you encountered:  The updated password works in the Webmail platform, but, is NOT updated on the older POP3 platform.

Our engineers have been actively investigating the underlying technical issue here and believe a permanent fix will be deployed soon; as you can appreciate, this issue is extremely sporadic in nature, impacting very few accounts, and being able to replicate it on demand has been nearly impossible, so it's taken longer than we would have liked to understand the root cause and ensure that any remedy we apply is meaningful.

With respect to your sister's account, the team have now verified that the password should be updated properly across the platform -- please feel free to check and let me know how you get on.

If you are able to replicate this again, we'd love to hear about it, as the team is eager to ensure that updates are processed immediately and accurately across all of these interfaces.

With kind regards,

Scott A. McIntyre
Security Operations
Telstra

 

 

Set it & forget it

With direct debit there’s no need to give paying your bill another thought.

Avoid queuing up and never worry about late fees again.

Setup direct debit